2023-03-14 13:18:55 +00:00
|
|
|
/**
|
|
|
|
* Copyright (c) HashiCorp, Inc.
|
|
|
|
* SPDX-License-Identifier: MPL-2.0
|
|
|
|
*/
|
|
|
|
|
2021-02-19 16:42:16 +00:00
|
|
|
import BaseAbility from './base';
|
|
|
|
import { inject as service } from '@ember/service';
|
|
|
|
|
|
|
|
export default class ACLAbility extends BaseAbility {
|
|
|
|
@service('env') env;
|
|
|
|
|
|
|
|
resource = 'acl';
|
|
|
|
segmented = false;
|
2021-07-14 17:52:13 +00:00
|
|
|
// Access is very similar to read, but when ACLs are disabled you still need
|
|
|
|
// access to ACLs in order to see the ACLs disabled page, which is accessing
|
|
|
|
// the ACLs area, but without read
|
|
|
|
get canAccess() {
|
|
|
|
return this.env.var('CONSUL_ACLS_ENABLED') ? this.canRead : true;
|
|
|
|
}
|
2021-02-19 16:42:16 +00:00
|
|
|
|
|
|
|
get canRead() {
|
|
|
|
return this.env.var('CONSUL_ACLS_ENABLED') && super.canRead;
|
|
|
|
}
|
2021-03-17 11:23:00 +00:00
|
|
|
|
2021-03-11 09:29:11 +00:00
|
|
|
get canDuplicate() {
|
|
|
|
return this.env.var('CONSUL_ACLS_ENABLED') && super.canWrite;
|
|
|
|
}
|
2021-03-17 11:23:00 +00:00
|
|
|
|
2021-03-11 09:29:11 +00:00
|
|
|
get canDelete() {
|
|
|
|
return this.env.var('CONSUL_ACLS_ENABLED') && this.item.ID !== 'anonymous' && super.canWrite;
|
|
|
|
}
|
2021-03-17 11:23:00 +00:00
|
|
|
|
|
|
|
get canUse() {
|
|
|
|
return this.env.var('CONSUL_ACLS_ENABLED');
|
|
|
|
}
|
2021-02-19 16:42:16 +00:00
|
|
|
}
|